//
sign in
Post
by @danabra.mov
PostEmbed
by @danabra.mov
Record
by @jimpick.com
Record
by @atsui.org
+ new component
Post
Shellcode execution as a service! To exploit an argument injection in Jellyfin, we searched and found a gadget in the .NET runtime to turn file writes into code execution. Learn about the bug and this new technique in our blog post: www.sonarsource.com/blog/jellyfi... #appsec #vulnerability
17d
Jellyfin RCE | Inconsistent Validation Leads to Argument Injection
Explore a Jellyfin remote code execution flaw where inconsistent validation enables FFmpeg argument injection and unauthenticated code execution.
www.sonarsource.com
SonarResearch